The first issue to address is to limit the number of queries that users
can perform. For example a database export of the Gnash bugs takes 7MB.
Either we can limit with a cron job, or by limiting the number of
queries from logged-in users, or IP.

The second issue to address is to import such data back in Savane. To
avoid publishing false data (e.g. importing a bug report wrongly
attributed to a public person to discredit him/her), all user
information should be discarded or displayed as non-authoritative
comment. The only information that Savannah can trust is the one that
Savannah itself produced, not the one that is imported.